General

  • Target

    806e12989ef4cd2697d14d030418d274_JaffaCakes118

  • Size

    1.1MB

  • Sample

    240801-n58yzszarl

  • MD5

    806e12989ef4cd2697d14d030418d274

  • SHA1

    34ed04c779ad13709eb204a96c4692364d0b1b19

  • SHA256

    18ca68216d2301aa19c21531d27b550324fcf5481a31644cbb8a957bc3b05ba3

  • SHA512

    e1f4bfea59636124224b7ed78cf1ddecc64a5679bb9671caaf53c06f06cfc1367ec2390452261afbbf4b684de15e363bea30c7334ddff6745fea05f74ed5d863

  • SSDEEP

    12288:jt0nMKpavtSGLwEBaETahdjvzS1QgiY8AHl6HzDxKXdR:jaMK+tT0Eru/jG1QvYzEDxiR

Malware Config

Extracted

Family

latentbot

C2

trustighul2839.zapto.org

Targets

    • LatentBot

      Modular trojan written in Delphi that has been in the wild since 2013.

    • Adds Run key to start application
